AWS WAF- Web Application Firewall
Yes, we do have NACLs, which is a network firewall, but to protect us from the exploits of application layer attack we use WAF. A traffic which seems harmless to the NACL, can be built in with an attack motive like SQL-injection, HTTP flood, Cross site scripting or many many more.
The ultimate motive of any web application is to serve the clients but not all clients are ideal, some are attackers or bots designed to attack the web application.
WAF lets us configure rules that allow, block, or monitor (count) web requests based on conditions that you define.
These conditions can include IP addresses, HTTP headers and body, or custom URIs.
You can set up rules like Rate Based Blocking to automatically block bad traffic, or respond immediately to incidents. Here the WAF keeps a count of how many requests can be allowed for a particular type of client. If they exceed the limit ,they are blocked.
We also have WAF Managed Rules which helps us to deploy pre-configured rules to protect your applications common threats like application vulnerabilities. All Managed Rules are automatically updated by AWS Marketplace security Sellers.
After configuring all the rules, we put them together in a WACL(Web Access Control List)
With WAF we can also configure the response body which the user gets when traffic is blocked for them.
Happy learning guys !!!
Top comments (0)